Windows 8.1 is designed primarily as an operating system for client devices. This chapter covers getting started with Windows 8.1 and the fundamental tasks you need for Windows 8.1 administration. Throughout this and the other chapters in this book, you’ll find detailed discussions of changes that enhance all aspects of computer management and security. Although this book focuses on Windows 8.1 administration, the tips and techniques discussed throughout the text can help anyone who develops for, works with, or supports Windows 8.1.

This book zeroes in on user and system administration tasks. You’ll find detailed coverage of the following topics:

Customizing the operating system

Optimizing the Windows environment

Configuring hardware devices

Installing and maintaining programs

Managing user access and global settings

Troubleshooting system problems

Also, it is important to note that just about every configuration option in the Windows operating system can be controlled through Group Policy. Rather than add caveats to every discussion that feature A or B can be configured only if allowed in Group Policy, I’m going to assume that you understand the global impact of Group Policy on system configuration and management. I’m also going to assume that you are familiar with the command line and Windows PowerShell. This will allow me to focus on essential tasks for administration.

Windows 8.1 has many enhancements to improve security, including memory randomization and other improvements to prevent malware from inserting itself into startup and running processes. Windows 8.1 uses address space layout randomization (ASLR) to randomly determine how and where important data is stored in memory, which makes it much more difficult for malware to find the specific locations in memory to attack.

Windows 8.1 has enhanced support for devices that use Trusted Platform Module (TPM). Although always-on devices require TPM 2.0, all other devices require at least TPM 1.2. Firmware can use TPM to store hashes, which verify that important operating system files haven’t been changed, and keys, which verify that digital signatures are valid.

Windows 8.1 requires a processor that includes hardware-based Data Execution Prevention (DEP) support. DEP uses the Never eXecute (NX) bit to mark blocks of memory as data that should never be run as code. DEP has two specific benefits. It reduces the range of memory that malicious code can use and prevents malware from running any code in memory addresses marked as Never eXecute.

If your organization doesn’t use an enterprise malware solution, you’ll also be interested to know that Windows Defender for Windows 8.1 has been upgraded to a more fully featured program. Windows Defender now protects against viruses, spyware, rootkit, and other types of malware. Rootkit detection helps to safeguard PCs and tablets from malware that inserts itself into non-Microsoft drivers. If Windows Defender detects that a non-Microsoft driver has been infected, it prevents the driver from starting. It’s important to point out that other features, such as Secure Boot, Trusted Boot, and Measured Boot, protect Microsoft drivers and other critical operating system files.

Real World

Firmware runs internal integrity checks to verify the firmware’s digital signature as part of initialization. With Secure Boot, firmware also verifies the digital signature on the Windows bootloader as part of initialization. If a rootkit is installed and the firmware or the Windows bootloader has been modified, the computer will be prevented from starting. After the Secure Boot, the bootloader verifies the digital signature of the operating system kernel as part of Trusted Boot. Also as part of Trusted Boot, the kernel in turn verifies all remaining boot components, including boot drivers and startup files. Finally, Measured Boot allows third-party software running on a remove server to verify the security of every startup component as well.

Separate distribution media is provided for 32-bit and 64-bit editions of Windows 8.1. To install the 32-bit edition of Windows 8.1 on an x86-based computer, you need to use the 32-bit distribution media. To install the 64-bit edition of Windows 8.1 on an x64-based computer, you need to use the 64-bit distribution media. Generally, if you are running a 32-bit operating system and want to install a 64-bit operating system (on hardware that supports both), you need to restart the computer and boot from the installation media. The same is generally true if you want to install a 32-bit operating system on a computer running a 64-bit operating system.

NOTE

Windows 8.1 RT normally is preinstalled on devices with ARM processors, and it is very different from other editions of Windows 8.1.

Windows 8.1 uses modularization for language independence and disk imaging for hardware independence. Each component of the operating system is designed as an independent module that you can easily add or remove. This functionality provides the basis for the configuration architecture in Windows 8.1. Microsoft distributes Windows 8.1 on media with disk images that use compression and single-instance storage to dramatically reduce the size of image files. The format for disk images is the Windows Imaging (WIM) format.

The Windows Preinstallation Environment (Windows PE) replaces MS-DOS as the preinstallation environment and provides a bootable startup environment for installation, deployment, recovery, and troubleshooting. The Windows Preboot Environment provides a startup environment with a boot manager that lets you choose which boot application to run to load the operating system. On systems with multiple operating systems, you access operating systems prior to Windows 7 in the boot environment by using the legacy operating system entry.

User Account Control (UAC) enhances computer security by ensuring true separation of standard user and administrator user accounts. Through UAC, all applications are run by using either standard user or administrator user privileges, and you get a security prompt by default whenever you run an application that requires administrator privileges. The way the security prompt works depends on Group Policy settings. Additionally, if you log on by using the built-in Administrator account, you typically do not get elevation prompts.

Windows 8.1 has several key UI elements, including the following:

Start screen

Charm bar

Search panel

Settings panel

PC Settings screen

Apps screen (also referred to as All Apps)

The Start screen replaces the traditional Start menu. Start is a window, not a menu. Programs can have tiles on the Start window. Tapping or clicking a tile runs the program. When you press and hold or right-click a tile, an options panel rather than a shortcut menu normally is displayed.

From Start, one way to quickly open a program is by simply typing the file name of the program and then pressing Enter. This shortcut works as long as the Everywhere Search box is in focus (which it typically is by default).

Pressing the Windows key switches between the Start screen and the desktop or the current app you are working with (or, if you are working with PC Settings, between Start and PC Settings). On the Start screen, there’s a Desktop tile that you can tap or click to display the desktop. You also can display the desktop by pressing Windows key + D or, to peek at the desktop, press and hold Windows key + , (that’s the Windows key plus the comma key).

The Charm bar is an options panel for Start, Desktop, and PC Settings. With touch UI, you can display the Charm bar by sliding in from the right side of the screen. With a mouse and keyboard, you can display the Charm bar by moving the pointer over the hidden button in the upper-right or lower-right corner of the Start, Desktop, or PC Settings screen; or by pressing Windows key + C.

The Charm bar has the following five charms:

Search Tap or click the Search charm to display the Search panel. Any text typed while on the Start screen is entered into the Search box on the Search panel. Areas the Search box can be focused on include Everywhere, Settings, or Files. When it is focused on Everywhere, you can use Search to quickly find installed programs, files, settings, and more. When it is focused on Settings, you can use Search to quickly find settings and options in Control Panel. When it is focused on Files, you can use Search to quickly find files.

Share Tap or click the Share charm to share from a desktop app. For example, when working with the Maps app, you’ll typically get options for sharing the map with which you are working.

Start Tap or click the Start charm to switch between Desktop and Start (or, if you are working with PC Settings, between Start and PC Settings).

Devices Tap or click the Devices charm to work quickly with attached devices, such as a second screen.

Settings Tap or click the Settings charm to access the Settings panel, which provides access to important options, including the power options for sleep, shutdown, and restart.

TIP

Normally, Everywhere Search is the default. Thus, from Start, you can quickly open a program by typing the program name and pressing Enter.

You also can display the Settings panel by pressing Windows key + I. From the settings panels, you can:

View connected networks and network status.

View and change audio output levels.

Change brightness levels of the display (portable devices only).

Hide notifications temporarily.

Access power options.

Display the touch keyboard (touch UI devices only).

Access the PC Settings screen (by clicking Change PC Settings).

Start Settings, Desktop Settings, and PC Settings have nearly—but not exactly—identical Settings panels. The Start Settings panel has a Tiles option that you can tap or click to display an option for adding or removing tiles for the administrative tools to the Start screen and an option for clearing personal information from tiles. The Desktop Settings panel has several quick links, including:

Control Panel For opening Control Panel

Personalization For opening personalization settings in Control Panel

PC Info For opening the System page in Control Panel

Help For opening Windows Help and Support

Thus, when you are working with the desktop, one way to quickly open Control Panel is by pressing Windows key + I, and then clicking Control Panel on the Settings panel.

File Explorer is pinned to the desktop taskbar by default, which means you can also access Control Panel by following these steps:

Open File Explorer by tapping or clicking the taskbar icon.

Tap or click the leftmost option button in the address list.

Tap or click Control Panel.

Another technique you’ll want to quickly master is getting to the Apps screen, which lists installed apps alphabetically within app categories. Apps are listed first in the results whenever you perform an Everywhere search. On the Start screen, you’ll find a button with an arrow pointing down; tapping or clicking this button displays the Apps screen. On the Apps screen, you’ll find lists of all installed programs, organized by category. Apps listed in the Windows System category are ones you’ll often use for administration, including Command Prompt, Control Panel, Task Manager, File Explorer, This PC, and Windows PowerShell. Administrative tools are only displayed on the Apps screen if you previously selected the Tiles option on the Start Settings panel and then selected Show Administrative Tools.

NOTE

With Windows 8.1 Pro and Windows 8.1 Enterprise, Windows PowerShell is normally added as a feature. From Start, a quick way to open Windows PowerShell is to type powershell, and then press Enter. This shortcut works as long as Windows PowerShell is the first match found for the keyword “powershell.” If multiple matches are found, tap or click the one that you want to run rather than pressing Enter.

TIP

If you’ve opened the Apps screen on your computer, you might want to add pinned items to Start or to the desktop taskbar. To do this, press and hold or right-click the item, and then tap or click Pin To Start or Pin To Taskbar as appropriate. For easier administration, I recommend adding Command Prompt and Windows PowerShell to the taskbar.

With Windows 8.1, you might want to use Windows PowerShell as your go-to prompt for entering both standard Windows commands and Windows PowerShell commands. Although anything you can enter at a command prompt can be entered at the Windows PowerShell prompt, it’s important to remember that this is possible because Windows PowerShell looks for external commands and utilities as part of its normal processing. As long as the external command or utility is found in a directory specified by the PATH environment variable, the command or utility is run as appropriate. However, keep in mind that Windows PowerShell execution order could affect whether a command runs as expected. For Windows PowerShell, the execution order is (1) alternate built-in or profile-defined aliases; (2) built-in or profile-defined functions; (3) cmdlets or language keywords; (4) scripts with the .ps1 extension; and (5) external commands, utilities, and files. Thus, if any element in 1 to 4 of the execution order has the same name as a command, that element will run instead of the expected command.

Windows 8.1 ships with Windows PowerShell. When you’ve configured Windows PowerShell for remote access, you can execute commands on remote computers in a variety of ways. One technique is to establish a remote session with the computers with which you want to work. The following example and partial output shows how you can check the Windows edition on remote computers:

The internal version number for Windows 7 is 6.1, whereas the internal versions for Windows 8 and Windows 8.1 are 6.2 and 6.3 respectively. Thus, based on this output, you know the computer is running Windows 7 Ultimate edition (and hasn’t been upgraded to Windows 8.1 yet).

NOTE

With the New-PSSession command, you use the –ComputerName parameter to specify the remote computers to work with by Domain Name System (DNS) name, NetBIOS name, or IP address. When working with multiple remote computers, separate each computer name or IP address with a comma.